Open Redirect Vulnerability in OpenCATS by OpenCATS
CVE-2023-27292

5.4MEDIUM

Key Information:

Vendor: Opencats
Status: Opencats
Vendor: CVE Published:; 28 February 2023

What is CVE-2023-27292?

An open redirect vulnerability exists in OpenCATS, allowing attackers to perform template injection through inadequate validation of user-supplied GET parameters. This weakness could lead to unauthorized access or manipulation of the application's behavior, making it essential for users to ensure their installations are updated to mitigate potential risks.

Affected Version(s)

OpenCATS 0.9.6

References

https://www.tenable.com/security/research/tra-2023-8

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 28, 2023
Vulnerability Reserved
Feb 27, 2023

CVE-2023-27292 Data

JSON

Opencats

What is CVE-2023-27292?

Affected Version(s)

References

CVSS V3.1

Timeline